CVE-2018-3665 (retired)

System software utilizing Lazy FP state restore technique on systems usingIntel Core-based microprocessors may potentially allow a local process toinfer data from another process through a speculative execution sidechannel.

Ubuntu-Description

Julian Stecklina and Thomas Prescher discovered that FPU register states(such as MMX, SSE, and AVX registers) which are lazily restored arepotentially vulnerable to a side channel attack. A local attacker could usethis to expose sensitive information.

tyhicks> Xenial and Trusty are affected when running on older x86 processors that do not have support for the xsaveopt instruction. You can verify if your system has support for xsaveopt by locating the "xsaveopt" feature listed in the flags section of the /proc/cpuinfo file. tyhicks> Precise is affected on all x86 processors.